WHAT IS CLAIMED IS: 

1. A transmitting apparatus for transmitting 

a layer structure of a directory which manages 
public key certificate information in a layer manner, 
comprising: 

managing means for making certificate 
authority information correspond to a container 
entry which can store its own subordinate 
information, making end entity information 
correspond to a leaf entry which is under domination 
of said container entry and cannot store its own 
subordinate information, and managing a layer 
structure of a directory constructed by said 
container entry and said leaf entry; 

detecting means for detecting a change of 
said layer structure of said directory which is 
managed by said managing means and obtaining 
differential information constructed by a difference 
of the change of the layer structure of said 
directory on the basis of a detection result; and 

transmitting means for transmitting said 
differential information detected by said detecting 
means , 

wherein information which can obtain 
latest public key certificate information and lapse 
information of said latest public key certificate 
information are stored into said container entry 



and/or said leaf entry. 

2. An apparatus according to claim 1, wherein 
said lapse information is a serial number of said 
public key certificate information. 

3. An apparatus according to claim 1, wherein 
one of said latest public key certificate 
information and the information for obtaining said 
latest public key certificate information can be 
selected and stored into attributes of said 
container entry and/or said leaf entry. 

4. An apparatus according to claim 3, wherein 
the information which is stored into said attributes 
can be changed between said latest public key 
certificate information and the information for 
obtaining said latest public key certificate 
information in accordance with an elapsed time from 
an updating event in which said difference has been 
detected by said detecting means. 

5. A transmitting method of transmitting a 
layer structure of a directory which manages public 
key certificate information in a layer manner, 
comprising : 

a managing step of making certificate 
authority information correspond to a container 
entry which can store its own subordinate 
information, making end entity information 
correspond to a leaf entry which is under domination 



of said container entry and cannot store its own 
subordinate information, and managing a layer 
structure of a directory constructed by said 
container entry and said leaf entry; 

a detecting step of detecting a change of 
said layer structure of said directory which is 
managed by said managing step and obtaining 
differential information constructed by a difference 
of the change of said layer structure of said 
directory on the basis of a detection result; and 

a transmitting step of transmitting said 
differential information detected by said detecting 
step , 

wherein information which can obtain 
latest public key certificate information and lapse 
information of said latest public key certificate 
information are stored into said container entry 
and/or said leaf entry. 

6. A receiving apparatus for receiving a 

transmitted layer structure of a directory which 
manages public key certificate information in a 
layer manner, comprising: 

receiving means for making transmitted 
certificate authority information correspond to a 
container entry which can store its own subordinate 
information, making end entity information 
correspond to a leaf entry which is under domination 
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of said container entry and cannot store its own 
subordinate information, and receiving differential 
information comprising a difference of a change of a 
layer structure of a directory which is constructed 
by said container entry and said leaf entry and 
obtained on the basis of a detection result obtained 
by detecting the change of said layer structure of 
said directory; 

managing means for managing said layer 
structure of said directory constructed on the basis 
of said differential information received by said 
receiving means; and 

changing means for selectively fetching 
said differential information and changing said 
layer structure of said directory which is managed 
by said managing means, 

wherein information which can obtain 
latest public key certificate information and lapse 
information of said latest public key certificate 
information are stored into said container entry 
and/or said leaf entry and transmitted. 

7. An apparatus according to claim 6, wherein 
said lapse information is a serial number of said 
public key certificate information. 

8. An apparatus according to claim 6, wherein 
said changing means selectively fetches updating 
information of said container entry and/or said leaf 



entry corresponding to a certificate information 
pass for obtaining said public key certificate 
information . 

9. A receiving method of receiving a 

transmitted layer structure of a directory which 
manages public key certificate information in a 
layer manner, comprising: 

a receiving step of making transmitted 
certificate authority information correspond to a 
container entry which can store its own subordinate 
information, making end entity information 
correspond to a leaf entry which is under domination 
of said container entry and cannot store its own 
subordinate information, and receiving differential 
information comprising a difference of a change of a 
layer structure of a directory which is constructed 
by said container entry and said leaf entry and 
obtained on the basis of a detection result obtained 
by detecting the change of said layer structure of 
said directory; 

a managing step of managing said layer 
structure of said directory constructed on the basis 
of said differential information received by said 
receiving step; and 

a changing step of selectively fetching said 
differential information and changing said layer 
structure of said directory which is managed by said 



managing step, 

wherein information which can obtain 
latest public key certificate information and lapse 
information of said latest public key certificate 
5 information are stored into said container entry 

and/or said leaf entry and transmitted. 
10. A transmitting and receiving system for 

transmitting a layer structure of a directory which 
manages public key certificate information in a 
10 layer manner and receiving the transmitted layer 

C structure of said directory, comprising: 

first managing means for making 
£. certificate authority information correspond to a 

container entry which can store its own subordinate 
115 information, making end entity information 

°!" correspond to a leaf entry which is under domination 

37 of said container entry and cannot store its own 

subordinate information, and managing a layer 
structure of a directory constructed by said 
20 container entry and said leaf entry; 

detecting means for detecting a change of 
said layer structure of said directory which is 
managed by said first managing means and obtaining 
differential information constructed by a difference 
25 of the change of said layer structure of said 

directory on the basis of a detection result; 

transmitting means for transmitting said 
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differential information detected by said detecting 
means ; 

receiving means for receiving said 
differential information transmitted by said 
transmitting means; 

second managing means for managing said 
layer structure of said directory constructed on the 
basis of said differential information received by 
said receiving means; and 

changing means for selectively fetching 
said differential information and changing said 
layer structure of said directory which is managed 
by said second managing means, 

wherein information which can obtain 
latest public key certificate information and lapse 
information of said latest public key certificate 
information are stored into said container entry 
and/or said leaf entry. 

11. A system according to claim 10, wherein 
said lapse information is a serial number of said 
public key certificate information. 

12. A system according to claim 10, wherein 
one of said latest public key certificate 
information and the information for obtaining said 
latest public key certificate information can be 
selected, stored into attributes of said container 
entry and/or said leaf entry, and transmitted. 
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13. A system according to claim 12, wherein 
the information which is stored into said attributes 
can be changed between said latest public key 
certificate information and the information for 
obtaining said latest public key certificate 
information in accordance with an elapsed time from 
an updating event in which said difference has been 
detected by said detecting means and transmitted. 

14. A system according to claim 10, wherein 
said changing means selectively fetches updating 
information of said container entry and/or said leaf 
entry corresponding to a certificate information 
pass for obtaining said public key certificate 
information . 

15. A transmitting and receiving method of 
transmitting a layer structure of a directory which 
manages public key certificate information in a 
layer manner and receiving the transmitted layer 
structure of said directory, comprising: 

a first managing step of making 
certificate authority information correspond to a 
container entry which can store its own subordinate 
information, making end entity information 
correspond to a leaf entry which is under domination 
of said container entry and cannot store its own 
subordinate information, and managing a layer 
structure of a directory constructed by said 
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container entry and said leaf entry; 

a detecting step of detecting a change of 
said layer structure of said directory which is 
managed by said first managing step and obtaining 
differential information constructed by a difference 
of the change of said layer structure of said 
directory on the basis of a detection result; 

a transmitting step of transmitting said 
differential information detected by said detecting 
step ; 

a receiving step of receiving said 
differential information transmitted by said 
transmitting step; 

a second managing step of managing said 
layer structure of said directory constructed on the 
basis of said differential information received by 
said receiving step; and 

a changing step of selectively fetching 
said differential information and changing said 
layer structure of said directory which is managed 
by said second managing step, 

wherein information which can obtain 
latest public key certificate information and lapse 
information of said latest public key certificate 
information are stored into said container entry 
and/or said leaf entry. 
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